Securelist / Blog
  • The Winlock numbers, the Winlock laws

    While Eugene’s busy taking bets (wonder how much he’s going to make?), I’ve been having a think about the Winlock case.

    Russian law enforcement is estimating that the bad guys could have raked in as much as $1 billion. While it’s difficult to be certain about the exact amounts involved (obviously they spread their money across a lot of different accounts to avoid attracting attention), a little bit of simple math makes me think this figure isn’t as crazy as it might sound.


    Our statistical analysis tells us there could be around a million people who’ve been infected. 10 cybercriminals, each getting a cut of a ransom between $10 and $30 - even though they were paying out $3 per infection to the people willing to spread this malware, the numbers add up pretty quickly.

  • Understanding Current Trends in the Fake Anti-Virus/Scareware Ecosystem
    The cyber-criminal groups behind fake anti-virus (scareware/rogueware) infections have run into some significant roadblocks over the last few years, but there is much more to the overall story.


    Some groups have been arrested. Some have had their operations and entire call support centers shut down.

    Some groups attracted too much attention, picked off the low hanging fruit and eventually walked away from their botnets.

    In some cases, the groups just weren't very skilled at developing anti-anti-malware techniques, blackhat SEO, and malware distribution. They couldn't keep up with the changes in anti-malware technologies, weren't exactly dedicated to the effort, and simply fell off the map.


    However, some of the remaining scareware distribution gangs upped the ante and are aggressively developing difficult-to-detect polymorphic installers and difficult-to-remove support components. And the newest of these malware components include some of the first ITW 64-bit malware components to be taken seriously. But, for the most part, the scareware program itself remains the same. The development continues to change and progress, all for the purpose of evading anti-malware solutions and helping coerce the end-user to pay for the fake product, including support/rootkit components like TDSS (and its extreme complexities) or the more recent Black Internet (also known as "Trojan-Clicker.Win32.Cycler") support/rootkit components. These complex MBR infectors and other rootkit components meant to maintain money-making scareware on the system are signs of this somewhat extreme development effort.

  • The Winlock case - I'm taking bets!

    Interesting news on Trojan SMS Blockers (Winlock etc). These programs block Windows and demand a ransom in the form of a text message which is sent to a short number for a fee. It's a very popular type of racket at the moment, both in Russia and a few other countries.


    The whole affair has now reached the General Prosecutor’s office of Russia – the criminals have been identified and detained (or so it seems) and will be prosecuted in Moscow soon.

    Altogether the criminals have earned an estimated 790,000 roubles, or $25K. Moreover, they have caused other damages by blocking or crashing a yet to be determined number of personal and company PCs. Very often people have needed to re-install the OS and all software and then restore data from backups - even after paying the ransom.




    But I wanted to focus on the outcome – or the possible outcome of this incident, not on the investigation, arrests and so forth.

 
SpywareGuide Articles
Articles on Spyware, Adware, Malware and privacy in general
  • DATA-THEFT WORM TARGETING GOOGLE'S ORKUT
    FaceTime Security Labs announced the discovery of a worm that steals users' banking details, usernames and passwords. The worm, known as MW.Orc, is propagating through Orkut, Google's social networking site, as users launch an executable file disguised as a JPEG. Google has a temporary fix in place
  • The Digital Underground: Interview with RinCe
    This is Part TWO of a series of write-ups focusing on the recent threat to E-Commerce systems via potential IM (Instant Messaging) attack vectors and more besides, by way of a remotely installed administration tool and custom-built scripts, designed to find vulnerabilities in third-party payment sys
  • Property Values, Satellite Maps and Zillow
    A new service called Zillow allows you to easily access the value of your home...and your neighbors and even their neighbors. SpywareGuide articles are sponsored by FaceTime Communications, providing solutions for securing and controlling IM, P2P and Spyware Greynets.
Why It's Important To Stay Current With Antivirus Definitions

Submitted By: Benny Carlson

It is perfectly normal for your PC or Mac to develop faults once in a while. And talking about problems, my personal computer crashed last week, and what is even more surprising is the fact that it is not even two years since I bought the notebook, and here I am ending up with a bad system.

The way everything happened was very dramatic: one minute I was watching a martial arts movie, and the next I was seeing vertical lines all over my screen. I decided to shut it down and restart it again. This is when I got the shocker; the computer simply refused to start back up. It is rather sad, but then that is the way computers behave. I cannot really say if my notebook’s problem is a hardware failure or due to a virus attack.

Regardless of which one is responsible, it is strongly recommended that you take care of your personal computer if you want to prevent problems like this. It is true that nothing can be guaranteed, but it does pay to take certain precautions. One of them is keeping the paperwork that came with your PC or Mac when you bought it, while another precautionary step is to ensure you keep up to date with free antivirus downloads.

Many people often wonder why it is necessary to stay current with antivirus downloads. The reason is very simple: every single day, new and more fatal virus programs are written. No one really knows the identity of the person or people behind what has now come to be known as cyberspace diseases, but what we know for certain is that antivirus downloads can be very effective in keeping them off.

Any personal computer that is updated with modern antivirus downloads functions as if it were bulletproof. Yes, it is true that people are developing new and more dangerous computer viruses, but there are other specialists who also work twice as hard to shut them out, and this is what happens when we take advantage of free antivirus downloads. By doing so we are arming our systems to identify troublesome viruses so that they can destroy them or shut them out before they wreak havoc.

Anyone who needs contemporary and up-to-date antivirus downloads should log on to the internet and download whatever they need. In addition, most personal computers show their users these updates on their own, and you will be notified as soon as new software is available.

Please don’t take the problem of computer viruses with levity, as they can literally destroy your computer, and we are talking of destruction that will warrant you buying a new one. This is something I doubt you will be willing to do right now. So log on to the internet and find out more information about up-to-date antivirus downloads.

Published At: www.Isnare.com
Permanent Link: http://www.isnare.com/?aid=99050&ca=Computers+and+Technology